PATENT 
AMENDMENT 



In the Claims 

Please amend the claims as follows: 

1 . (Currently Amended) Method for authenticating a third tier server system in a distributed 
application environment, wherein said distributed application environment comprising client 
system having parts of the distributed application, server systems having the remaining parts of 
the distributed application (server application or s e rv e r components) , and third tier server system 
which exchanges data between said client system and said server systems, wherein said client 
system acts as single point of recognizing and managing third tier server certificates and provides 
access to a common data base of the distributed application environment which contains third tier 
server certificates received from said third tier server which have been accepted as trustworthy 
for the distributed application environment, wherein at said server systems side said method 
comprises th e stops of ; 

receiving from said common database of said client system at least all necessary 
information of said a third tier server certificate being accepted as trustworthy for 
determining to accept or to decline a connection to said third tier server, 

comparing said received at least all necessary information r e c e ived from said 
client oyotcm with a server-copy of the t hird tier certificate received from said third tier 
server system, 

accepting said third tier server system as to be authenticated if said at least all 
necessary information from oaid cliont gyatom and oaid third tier certificate matches said 
server-copy of the third tier certificate . 

2. (Currently Amended) Method according to claim 1, wherein said at least all necessary 
information from said client system is received via a non-continuous client-server connection. 

3. (Original) Method according to claim 2, wherein said non-continuous client-server connection 
is using a secure transmission protocol. 
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4. (Currently Amended) Method according to claim 1, wherein said at least all necessary 
information of said third tier server oortifioato consis ts essentially of an original a client-copy of 
said t hird tier server certificate as stored in the common data base of said distributed application 
environment, and a server name which has transmitted said original client-copy of said third tier 
server certificate to said client system. 

5. (Currently Amended) Method according to claim 1, wherein said at least all necessary 
information of said third ti e r s e rver oortifioato consis ts essentially of a fingerprint of tho original 
a client-copy of said third tier certificate, and a server name which has transmitted said client- 
copy of said t hird tier server certificate to said client system. 

6. (Currently Amended) Method according to claim 1, wherein said at least all necessary 
information of said third tier server oortificato consists essentially of two different fingerprints of 
th e original a client-copy of the t hird tier server certificate, a server name which has transmitted 
said client-copy of the third original tier server certificate to said client system, and a certificate 
name. 

7. (Currently Amended) Method for authenticating a third tier server system in a distributed 
application environment, wherein said distributed application environment comprising a client 
system having parts of the distributed application, server systems having the remaining parts of 
the distributed application (server application or s e rv e r compononta) , and a third tier server 
system which exchanges data between said client system and said server systems, wherein said 
client system provides access to a common data base of the distributed application environment 
which contains third tier server certificates received from said third tier server which have been 
accepted as trustworthy for the distributed application environment, wherein at said client system 
said method comprises tho stops of : 

receiving a client-copy of a t hird tier server certificate from a third tier server 

system, 

determining whether said received client-copy of said t hird tier server certificate 
can be accepted as trustworthy, 
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storing said client-copy of said t hird tier server certificate in said common data 
base of the distributed application environment if said client-copy of said third tier server 
certificate has been accepted as trustworthy, and 

transferring to each server of said server systems at least all necessary information 
of said client-copy of said t hird tier server certificates being accepted as trustworthy for 
determining to accept or to decline a third tier server system. 

8. (Currently Amended) Method according to claim 7, wherein said storing step additionally 
includes storing a n ame of said third tier server system that has transmitted said client-copy of 
said third tier certificate. 

9. (Currently Amended) Method according to claim 7, wherein said client-copy of said third tier 
server certificate is received via a secure transmission protocol 

10. (Currently Amended) Method according to claim 7, wherein said at least all necessary 
information of said third tier sorv e r certificate is transmitted to said each server of said server 
systems via a non-continuous secure connection. 

11. (Original) Method according to claim 8, wherein authentication of said client system is 
accomplished by user ID and/or password. 

12. (Currently Amended) Server systems System for authenticating athird tier server system in a 
distributed application environment, wherein said distributed application environment comprises 
a client system having parts of the distributed application, a connection negotiator component for 
r e ceiving incoming third tier sorv e r certificates via a secure connection from said third tier 
s e rver, a common data base of the distribut e d application environment which contains third tier 
s e rv e r c e rtificates received from said third tier server which have boon accepted as trustworthy 
for the distributed application environm e nt, a Certificate verifier component for comparing 
r e ceived third tier 3orvor certificate with information stored in said common database and storing 
them into said common database if it matches, an us e r interface component allowing to r e ject or 
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Qoo e pt an unknown third tier s e rv e r c e rtificate not contain e d in said common data store, a 
certificate transmitter component for extracting all necessary information of said third tier server 
c e rtificat e s being acc e pted as trustworthy for determining to accept or to declin e a third ti e r 
server from said common database and transmitting them to said s e rv e r systems via a secure 
connection, and application server systems having the remaining parts of the distributed 
application (server application or server compon e nts), and said third tier server systom which 
oxohangos data between said cli e nt syst e m and said s e rver system s , wherein eaeh said application 
server of said server systems comprising comprise : 

atransfer server component whic h, in a first computer process, supports non- 
continuous and secure client-server connection for receiving all n e c e ssary certificate 
information from a client of said athird tier server certificates being accepted as 
trustworthy for determining to accept or to decline a connection to said third tier server 
system, 

a connection negotiator component for r e ceiving which, in a second computer 
process receives incoming third tier server certificates via a secure connection between 
said application server systems and said third tier server, 

a certificate verifier component for comparing which, in a third computer process, 
compares said third tier server certificate received from said third tier server with said 
received necessary certificate information received from said client of said third tier 
server certificat e s b e ing accepted as trustworthy for determining to acc e pt or to decline a 
third tier server , 

13. (Currently Amended) System according to claim 12, wherein said n e c e ssary certificate 
information of said third tier server cortifieato comprises two different fingerprints of the original 
third tier server certificate, name of the server which has transmitted said third tier server 
certificate to said client system, and certificate name. 

14. (Currently Amended) System according to claim 13, wherein said two different fingerprints 
are generated by applying two different algorithms to said third tier server certificates received 
from said common database. 
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15. (Currently Amended) System according to claim 14, wherein said application server systems 
further include the same algorithms as used for generating said two different fingerprints. 

16. (Currently Amended) Client system for authenticating third tier server in a distributed 
application environment, said distributed application environment comprises a client system 
having parts of the distributed application, application server systems having the remaining parts 
of the distributed application (s e rver application or s e rver components) as well as a transfer 
s e rver component supporting non - continuous and secur e client server connection, a oonneotion 
n e gotiator component for rocoiving incoming third tier server certificate via a secure connection 
b e twe e n 3aid s e rver systems and said third tier server, a certificat e verifier component for 
comparing said third tier sorvor certificate received from said third tier server with said 
information received from said client system for determining to accept or to reject third tier 
s e rver, and a third tier server which exohanges data between said client system and said server 
systems , said client system comprising: 

a connection negotiator component for receiving which, in a first computer 
process, receives incoming third tier server certificate via a secure connection from said 
third tier server, 

a common database of the distributed application environment which , in a second 
computer process, stores contains said third tier server certificates received from said 
third tier server system which have been accepted as trustworthy for the distributed 
application environment, 

a C e rtificate certificate verifier component for comparing which, in a third 
computer process, compares said received third tier server certificate with information 
stored in said common database and storing stores them into said common database if it 
matches, 

a user interface component which, in a fourth computer process, allows for 
accepting or rejecting allowing to reject or accept an unknown third tier server certificate 
not contained in said common data store data base, and 
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a certificate transmitter component which, in a fifth computer process, generates 
certificate for extracting all noooosory information of said third tier server certificates 
being accepted as trustworthy for determining to accept or to decline a third tier server 
from said common database and transmitting transmits them to said application server 
systems via a secure connection. 

1 7. (Currently Amended) Computer program product stored in the internal memory of a digital 
computer, containing parts of software code to execute the method in accordance with claim 1 if 
the product is run on the computer. 

Please add the following new claims: 

18. (New) System according to claim 15, further comprising a client system comprising: 

a connection negotiator component for receiving incoming third tier server 
certificates via a secure connection from said third tier server, 

a common data base of the distributed application environment which contains 
third tier server certificates received from said third tier server which have been accepted 
as trustworthy for the distributed application environment, 

a certificate verifier component for comparing received third tier server certificate 
with information stored in said common database and storing them into said common 
database if it matches, 

a user interface component allowing to reject or accept an unknown third tier 
server certificate not contained in said common data store, and 

a certificate transmitter component for extracting all necessary information of said 
third tier server certificates being accepted as trustworthy for determining to accept or to 
decline a third tier server from said common database and transmitting them to said 
server systems via a secure connection. 
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19. (New) System according to claim 16, further comprising an applicationserver system 
comprising: 

a transfer server component supporting non-continuous and secure client-server 
connection, 

a connection negotiator component for receiving incoming third tier server 
certificate via a secure connection between said server systems and said third tier server, 

a certificate verifier component for comparing said third tier server certificate 
received from said third tier server with said information received from said client system 
for determining to accept or to reject third tier server, and 

a third tier server which exchanges data between said client system and said 

server. 
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